Thycotic’s Cyber Security Publication

March 1st, 2016

For the last 15 years, IT Weapons, a Konica-Minolta Company, has provided award-winning security consulting, private cloud solutions, and technology services for organizations worldwide. They had been using homegrown privileged account management (PAM) solutions, but grew quickly and determined that they needed an enterprise-class PAM solution to improve security and make going through audits easier.

Challenges

IT Weapons not only provides services, but builds and runs secure IT systems for many companies of all sizes around the world. In total, they actively manage more than 11,000 devices in their private cloud alone, supporting hundreds and thousands of systems for their clients daily. In order to provide the best solutions and build systems that will properly integrate with their existing environments, clients must provide IT Weapons with access to privileged systems and sensitive areas of the network. Due to the nature of their work, IT Weapons constantly deals with security and compliance auditors on a regular basis and needed a way to manage those clients’ privileged account information.

Solutions

Thycotic Secret Server acts as a way to store privileged credentials, secure them, and audit who has been using them and when. Implementing a policy of least privilege is easy, as permissions can be assigned/removed from roles assigned to users as needed. Separation of duties is also easy to apply using Secret Server, with visibility of privileged accounts being controlled on a per-user basis or by groups as the administrator chooses. Access can be restricted such that only certain users can access certain accounts, a user has to request access from another user to access the account, or the account can only be “checked out” to one user at a time – this delves into the world of nonrepudiation, where a user cannot deny his or her actions due to the audit trail left when he or she accessed sensitive information. Additionally, secure passwords can be automatically generated on an account and remotely changed every time a user is finished using it, allowing for a constantly changing password such that a user cannot log into a privileged account after checking it back in on Secret Server.

Conclusion

Today, Secret Server is the primary privileged account management solution used by IT Weapons. Ted Garner, Co-Founder and CEO of IT Weapons says, “Security is going to remain paramount, and is a critical piece to our growth. We know it’s an important part of our future, but it’s partners like Thycotic that will be flexible and grow with us that make it a critical partnership for our ongoing growth.” By practicing stronger privileged account management internally and providing a secure way to vault, manage, and audit credentials for clients, IT Weapons can continue to meet the growing security needs of their global client base.